CN102082690A - Passive finding equipment and method of network topology - Google Patents
Passive finding equipment and method of network topology Download PDFInfo
- Publication number
- CN102082690A CN102082690A CN2011100057472A CN201110005747A CN102082690A CN 102082690 A CN102082690 A CN 102082690A CN 2011100057472 A CN2011100057472 A CN 2011100057472A CN 201110005747 A CN201110005747 A CN 201110005747A CN 102082690 A CN102082690 A CN 102082690A
- Authority
- CN
- China
- Prior art keywords
- network
- topology
- subnet
- pntd
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses passive finding equipment and a passive finding method based on sniffing and fingerprint technology of network topology. The equipment comprises sniffing devices and a management device, wherein a plurality of sniffing devices are arranged in a network to be found, are directly connected with a host computer of each subnet host exchange, acquire all network element information and routing information from a subnet data packet and transmit the element information and the routing information serving as topology finding information to the management device; and the management device is arranged on any host computer which is not provided with any sniffing device, and is used for managing, summarizing and analyzing the sniffing devices and information acquired by the sniffing devices and drawing and displaying a network topology diagram of the entire network to be found. In the method, topology is found in a passive mode, so that additional data load on the network in a finding period is greatly lowered, and an acquired network data packet is a practical communication action and is correct and reliable. A network topology finding process can be controlled flexibly; through manual setting of the management device, start and stop of all sniffing devices can be controlled conveniently and flexibly; and the equipment and the method have good popularization prospects.
Description
Technical field
The present invention relates to a kind of passive discovering device and discover method thereof of network topology, exactly, relate to a kind of passive discovering device and discover method thereof based on the network topology of smelling spy and fingerprint technique; The technical field that belongs to information security and computer operating system.
Background technology
At first introduce the present situation of discovering network topology technology: well-known, network is to be made of a large amount of network element entities of working together, provides certain service to the user.These network element entity functions are then supported by hardware and software and carry out, and in the live network there be the network element entity: router, server, main frame, link etc., all these network elements all can influence the operational mode of network and offer end user's service quality.Since the nineties in 20th century, more and more enterprises and individual are constantly adding the Internet net, make network size continue to enlarge.In order to adapt to increasing flow, new node, new link constantly are introduced into network, thereby make the manual variation that is difficult to catch up with network of safeguarding, bring very big difficulty to network management.
Network topology is a kind of expression of interconnecting relation between each network element entity in the network, and it provides the link information of equipment between each subnet inside of whole network system and subnet.Network topology is very useful to network management, the network planning.For example, important informations such as network failure, flow bottleneck can directly be presented on the network topology, make the network manager can know the network condition that understanding is current, and the place of breaking down is come into plain view.Always be in transmission state at full capacity if show a link on the network topology, the capacity that enlarges this link so will have very great help to improving network performance.In addition, network topology is also very important to network simulation, can application newly developed of emulation on existing network, at first correct network topology must be arranged, and this just relates to discovering network topology.So-called Topology Discovery is to find that finishing the end user serves all involved entities: should find entity, also will find each entity role and the interconnected mode of each inter-entity in network.
The straightforward procedure that obtains network topology is that the keeper is according to its topological diagram of real network manual drawing, but network becomes increasingly complex now, more and more huger, and expanding always, and the function of each entity in network also become increasingly complex, follow the tracks of time or the energy that such network need spend and be difficult to calculate, and, in a single day network changes to some extent, and all working must be reformed.Just be based on this reason, the automatic discovery technique of network topology has just arisen at the historic moment.
At present, Chang Yong discovering network topology mode mainly contains three kinds:
(1) utilize snmp protocol visit routing iinformation to construct the network topology technology: to utilize the routing iinformation in the Simple Network Management Protocol SNMP collection network equipment to construct topology of networks, this method is with respect to two kinds of the back, no matter adopt which kind of algorithm, all must visit all routers and the routing table of each router, being that the time complexity of implementation algorithm is minimum is O (R * D), wherein, R is addressable router sum, each router routing table quantity of D.
(2) based on the web search technology of ospf protocol: the principle of introducing open type shortest path priority protocol OSPF, just this method oneself realizes ospf protocol, allow it communicate by letter with routing device, the routing iinformation that utilization obtains when communicating by letter with routing device is constructed network topology.The great advantage of this technology is that speed is fast, performance is high, but realizes that difficulty is bigger, and searches for can only be limited in certain scope and carry out, and requires the network equipment in this scope all to support ospf protocol.Because OSPF has become the Interior Gateway Protocol that IAB recommends, along with it as the popularizing of Interior Gateway Protocol, utilize its efficient tectonic network topological diagram fast to become an important research direction in the enterprise network management.
(3) based on the web search technology of routing information protocol RIP: this technology with based on the web search technology type of ospf protocol seemingly, also be that oneself realizes the RIP agreement, allow it communicate by letter with routing device, the routing iinformation that utilization obtains when communicating by letter with routing device is constructed network topology.Its advantage is that speed is fast, performance is high, but realizes that difficulty is bigger, and searches for can only be limited in certain scope and carry out, and requires the network equipment in this scope all to support the RIP agreement.
Introduce network Sniffer Technique again: smell that to visit principle very simple: it is a kind of data link layer technology, utilization be the Network Transfer Media of sharing formula.Sharing a machine meaning in the network can smell and visit the message that passes to all devices in this network segment (collision domain).For example, modal Ethernet is exactly a kind of shared formula network technology, after Ethernet card is received message, by checking that destination address judges whether to pass to oneself: if then message is passed to operating system; Otherwise dropping packets does not deal with.It is that it does not judge destination address that network interface card also has a kind of particular job pattern, directly its all messages that receive is all passed to operating system and handles.This particular job pattern is called as promiscuous mode, and Technology of Network Sniffer is set to promiscuous mode by network interface card, and utilizes the smell spy of data link access technique realization to network.As long as realize the visit of data link layer, just can be smelling the data link frame that the spy ability expands to any type, and be not only IP datagram.For example Tcpdump, NetxRay are the common programs of direct visit data link layer.
Fingerprint be human inherent with carry " seal ", have immutability, uniqueness and classification property, be the admissible evidence of the personal identification feature with legal status of generally acknowledging.All need the place of identity validation, and its ample scope for abilities is all arranged.Yan Jiu achievement makes fingerprint technique not be used for people's status differentiation merely for many years, also has been applied to other a lot of fields, comprises computer network field.
When handling the network information, different network operating systems is to carry out respective handling according to characteristics separately, and promptly its method is incomplete same; These differences just are called as system's " fingerprint ".Just can the recognition network system by discerning these fingerprints.For operating system, system fingerprint is actual to be to derive from the ICP/IP protocol stack.Different operating systems such as Windows, Linux or various types of Unix system, their ICP/IP protocol stack has nothing in common with each other, and its response to the various types of data bag is also different.Like this, only otherwise revise the network stack parameter of system bottom, the information such as OS Type, version number and IP address configuration that just can use certain main frame on the definite easily network of some scanning softwares commonly used.
Utilize operation system fingerprint, need to be grasped the fingerprint identification technology of ICP/IP protocol stack.Fingerprint identification technology commonly used at present comprises: FIN surveys, whether is provided with frequency, ICMP message reference, TOS, segment processing, tcp option, the SYN inundation of fragment bit, TCP initial window size, ACK value, ICMP error message.
At present, utilize the operation system fingerprint technology of the network equipment to carry out discovering network topology and become the focus that fingerprint technique is used at computer network field.Its basic process is: Information Monitoring → differentiation equipment (router, switch, main frame) → recognition system.Wherein recognition system is to utilize the fingerprint identification technology of ICP/IP protocol stack to discern the operating system that main frame adopts, each equipment and type thereof in the sound zone system again, operating system that adopts as main frame and routing device type etc. so just make webmaster personnel full appreciation overall network structure more.
By to the existing method of discovering network topology and the further investigation of correlation technique, as can be seen, topology discovery method at present commonly used all is a discovery mode initiatively, need to find that the requesting party is based on talk various network protocols, send the information of different-format, carry out Topology Discovery by the information that Requested Party feeds back.The shortcoming of this mode is apparent, and wherein most importantly dependence is strong, and different agreements needs the packet request of different-format, and this has just increased the complexity of Topology Discovery.And passive Topology Discovery mode only needs the data traffic of monitor network, and utilize correlation technique that the data of collecting are analyzed, need not send miscellaneous protocol data bag respectively at different vendor, distinct device, and, the collection of this data traffic is based on communication, and content is very reliable.
Summary of the invention
In view of this, the objective of the invention is on the prior art basis, to provide a kind of based on passive discovery device of network topology and the discover method thereof of smelling spy and fingerprint technique.The present invention adopts the passive discovery device of its network topology that provides to treat the topological condition of finding in the network to find, and then obtains network topological diagram; Its operating procedure safety, simple, convenient, quick, can carry out strong.
In order to achieve the above object, the invention provides and a kind ofly visit and the passive discovering device of network topology of fingerprint technique based on smelling, it is characterized in that: this equipment comprises following two kinds of devices:
One or more spy devices of smelling, be installed on the main frame that directly connects this subnet host exchange in each subnet respectively, each is smelt, and the spy device is generated by the network data detection, the subnet topology information that are linked in sequence and three modules of PNTD-UP message encapsulation are formed, responsible packet in this subnet is collected the various Topology Discovery information that comprise all net element informations and routing iinformation in this subnet, sends to management devices then;
A management devices, comprise interconnective Topology Discovery management configuration module and PNTD-DOWN message package module, and the subnet topology information that is linked in sequence collection, topology information Macro or mass analysis, network topology drafting and three modules of demonstration, be arranged at any of waiting to find in the network range and not have to install the main frame of smelling the spy device, be responsible for each is smelt and visit device and Information Monitoring is managed concentratedly, and the topology information of each subnet of collecting carried out Macro or mass analysis, draw and show the whole network of network topological diagram of waiting to find.
In order to achieve the above object, the present invention also provides the method for work of the passive discovering device of a kind of network topology of the present invention, it is characterized in that: described method comprises following operating procedure:
(1) carries out the initialization setting to smelling spy device and management devices respectively: will smell start and stop parameter and the topology discovery function start and stop parameter of visiting device and all be set to start, by management devices Topology Discovery frequency and topology information data length are set, input is installed each and is smelt the network element IP address of visiting device;
(2) start management devices and send the IP packet that comprises the PNTD-DOWN kind of message, restart and wait to find that in the network each smelt visits device and carry out the Topology Discovery operation;
(3) each is smelt and visits device detection network packet, the corresponding operating of beginning subnet Topology Discovery;
(4) management devices monitoring network packet is analyzed the data that receive, and draws the network in general topological diagram according to related data and is also shown.
The invention has the advantages that: discovering device of the present invention adopts passive mode to carry out Topology Discovery, compares with other present discovering network topology technology, has significantly reduced the additional data volume of bringing to network between the discovery period.Though the inventive method also can send packet in discovery procedure, but the transmitting-receiving of these packets only limits to be deployed in management devices in the passive Topology Discovery equipment of waiting to find in the network and each smells the communication of visiting between the device, compare the initiatively huge data flow of discovery technique, these packets can be ignored.And the collected network packet of the inventive method is actual communication behavior, and is accurately credible.Moreover the process of discovering network topology of the present invention can be controlled flexibly, i.e. manual setting by on management devices just can realize wholely waiting to find that all smell the startup of visiting device and the control operation that stops in the network, both makes things convenient for, and is flexible again.
For stable network, variation has taken place if it forms structure, for example increased main process equipment newly, apparatus and method for of the present invention does not need to do any change, just can very convenient, easily draw its up-to-date topological diagram, illustrates that it is by force portable.Therefore, the present invention has not just preserved current network topological information in passive discovery network topology process, also preserved the web-based history topology information.The user can reproduce the network topology situation of corresponding time period by select time, for use in the comparative analysis in the networking process.In a word, the present invention has good popularization and application prospect.
Description of drawings
Fig. 1 (A), (B) are based on the structural representation of visiting device and management devices of smelling in the passive discovering device of network topology of smelling spy and fingerprint technique respectively.
Fig. 2 (A), (B) are respectively the PNTD-UP kind of message that adopts of the present invention and the schematic diagram of PNTD-DOWN kind of message.
Fig. 3 is the passive topology discovery method operating process flow chart of discovering device of the present invention.
Fig. 4 is that smelling in the discovering device of the present invention visited device Topology Discovery process flow diagram.
Fig. 5 is the management devices subnet topology information acquisition module workflow diagram of discovering device of the present invention.
Fig. 6 is the tested schematic network structure of the embodiment of the invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with accompanying drawing.
The present invention is a kind of based on passive discovering device of network topology and the discover method thereof of smelling spy and fingerprint technique, the realization background that it relied on is: discovering device of the present invention is installed waits to find that all network element devices in the network all are in normal operating condition, and the network interface card of each network element all is set to promiscuous mode, and support the communication protocol of SNMP, ICMP, ARP, so that can successfully find all devices in the network, obtain complete topological diagram, guaranteeing not can be because of individual device because of having to open or the errors and omissions of the topological diagram that other human factors cause.
Referring to Fig. 1, introduce the structure of the passive discovering device of network topology of the present invention and form: each discovering device visits device by smelling of one or more main frames that are installed on each subnet host exchange of direct connection respectively and a management devices is formed.Wherein,
Each is smelt, and the spy device is generated by the network data detection, the subnet topology information that are linked in sequence and three modules of PNTD-UP message encapsulation are formed, responsible packet in this subnet is collected the various Topology Discovery information that comprise all net element informations and routing iinformation in this subnet, sends to management devices then.
Introducing the concrete function of smelling three modules visiting device again is:
The network data detection module, adopt the data flow in the sniff technology detection network and carry out two kinds of operations:
A, the network data flow detection IP packets fields to receiving check whether comprise PNTD-DOWN message, if having, the source address that then writes down this packet is a management devices place network element address, as the destination address that sends PNTD-UP information later on.Simultaneously extract comprising Topology Discovery start-stop state, smell the configuration parameter of visiting device running status and Topology Discovery frequency, so that according to the detected parameters of corresponding this equipment of change of these configuration parameters according to formal definition; If no, then do not carry out any operation.
B, detect passive Topology Discovery state when starting, with regard to the packet in the monitoring network, and the data that comprise Simple Network Management Protocol SNMP, ICMP ICMP and ARP are analyzed, the topology that adopts existing discovering network topology technology and operation system fingerprint technology to obtain all network elements in this subnet is connected the information of situation, device type and model thereof, then these information is passed to subnet topology information generation module; If detect passive Topology Discovery state when stopping, just stopping the detection of packet and current Topology Discovery operation.
Subnet topology information generation module is used to receive and handle the data from the network data detection module, after wherein information is encapsulated as unified topology information form, is transmitted to the PNTD-UP message package module.
The PNTD-UP message package module after being responsible for the topology information from subnet topology information generation module encapsulated according to PNTD-UP kind of message form, is attached in the IP packet, sends to passive Topology Discovery management devices.
Management devices comprises interconnective Topology Discovery management configuration module and PNTD-DOWN message package module, and the subnet topology information that is linked in sequence collection, topology information Macro or mass analysis, network topology drafting and three modules of demonstration, be arranged at any of waiting to find in the network range and not have to install the main frame of smelling the spy device, be responsible for waiting to find that to being installed in the network each smelt visits device and Information Monitoring is managed concentratedly, and the topology information of each subnet of collecting analyzed, draw and show the whole network of network topological diagram of waiting to find.The concrete function of five modules of management devices is:
The Topology Discovery management configuration module is used to realize the various parameter configuration of whole passive Topology Discovery process comprise Topology Discovery state, topological frequency acquisition, IP address and topological data length etc.Wherein, the Topology Discovery state stop and start-up operation is to carry out manually, topological frequency acquisition configuration is the temporal frequency that Topology Discovery is set, and duration that each topology gathers and at interval promptly is set; The IP address configuration is each to be set smell the IP address of visiting device place network element, and these addresses send the purpose IP address of PNTD-DOWN kind of message as management devices; The configuration of topological data length is the topology information field length that each PNTD-UP packet is set.
The PNTD-DOWN message package module is used for the configuration information of Topology Discovery management configuration module is packaged into the PNTD-DOWN format messages, is attached in the IP packet, sends to destination address.
Subnet topology information acquisition module, the employing sniff technology receives the data flow on the automatic network, in the data field of IP packet, extract the data of PNTD agreement, define according to the PNTD-UP message format again, after extracting the topology information of subnet, it is passed to topology information Macro or mass analysis module make subsequent treatment.
Topology information Macro or mass analysis module receives the topology information from subnet topology information acquisition module, and the topology information of each subnet is carried out Macro or mass analysis, notifies the user that new topology information is arranged with page mode simultaneously.
Network topology is drawn and display module, is responsible for waiting to find the network in general topological data based on what come from topology information Macro or mass analysis module, and the overall topological diagram of drawing network is also shown.This module realizes part, and the user is select time manually, selects to check the network topology situation of this time period, is defaulted as current up-to-date topological diagram.
In order to realize smelling the interactive communication of visiting between device and the management devices, make things convenient for the transmission and the extraction of topology information, the present invention designs a kind of communication protocol that is exclusively used between these two kinds of devices, and the passive Topology Discovery PNTD of called after (Passive Network Topology Discovery) agreement, this protocol definition two kinds of message formats (referring to Fig. 2), it is encapsulated in the data of IP packet.
Referring to Fig. 2 (A), the PNTD-UP kind of message is to smell to visit device to the message that management devices sends, and is sequentially with following four fields:
Origin identification, the start field as this message packets of agreement is defined as PNTD_UP_START, is used to indicate this type of message, long 2 bytes in position;
Transmitting time, record are smelt the time that device sends packet of visiting, long 2 bytes in position;
Subnet topological data information is used to fill in all topology informations of smelling the local subnet of visiting the device discovery, sets its word length by management devices;
Finish sign, the trailer field as this message packets of agreement is defined as PNTD_UP_END, long 2 bytes in position.
Referring to Fig. 2 (B), the PNTD-DOWN kind of message is that management devices is visited the message that device sends to smelling, and is sequentially with following four fields:
Origin identification, the start field as this message packets of agreement is defined as PNTD_DOWN_START, is used to indicate this type of message, long 2 bytes in position;
Transmitting time, the record management device sends the time of packet, long 2 bytes in position;
Topology Discovery start and stop state, value are 1 and 0 to represent the startup of the passive discovering device of this topology respectively and stop, the long 4bit in position;
Cell arrangement on off state, value be 1 and 0 respectively expression smell the startup of visiting device and stop, the long 4bit in position;
Frequency acquisition, expression are smelt and are visited device and carry out the time that each topology information is gathered, and the topology information that is about to collect sends to time interval of management devices, long 1 byte in position by the PNTD-UP kind of message;
Finish sign, the trailer field as this message packets of agreement is defined as PNTD_DOWN_END, long 2 bytes in position.This packet of agreement
Referring to Fig. 3, introduction the present invention is based on the discover method of the passive discovering device of network topology of smelling spy and fingerprint technique, the preparation of this method is a plurality ofly to smell earlier the device distributed main frame that directly links to each other with the one-level switch of waiting to find each subnet in the network that is installed on of spy, the port that links to each other with this main frame on the switch is set to promiscuous mode, management devices being installed on any of waiting to find in the network range does not have to install and smells main frame or the server of visiting device again, and the network interface card that each network element of passive Topology Discovery equipment is installed simultaneously is set to promiscuous mode.This method comprises that following concrete operations step is:
Step 1, carry out the initialization setting to smelling spy device and management devices respectively: will smell start and stop parameter and the topology discovery function start and stop parameter of visiting device and all be set to start, by management devices Topology Discovery frequency and topology information data length are set, input is installed each and is smelt the network element IP address of visiting device.
Step 2 starts management devices and sends the IP packet that comprises the PNTD-DOWN kind of message, restarts and waits to find that in the network each smelt visits device and carry out the Topology Discovery operation.
Step 3 is smelt and is visited device detection network packet, the corresponding operating of beginning subnet Topology Discovery: collect local subnet topology information (corresponding operating is referring to shown in Figure 4), send to management devices then.
This step 3 comprises following content of operation:
(31) smell the network data of visiting in the device and smell and visit module and detect network data flow, the IP packet that receives is analyzed, check the packet that whether comprises the PNTD agreement,, then directly abandon this IP packet, do not do any processing if do not have; If have, then subnet Topology Discovery module analysis relevant field and obtain relevant parameter is carried out the subsequent operation of passive topology discovery function;
(32) detected PNTD-DOWN packet is write down the source IP address of this IP packet, be management devices place network element IP address MIP, begin the local subnet Topology Discovery simultaneously: obtain all SNMP, ICMP in the network, ARP categorical data by sniff technology, again in conjunction with resource and the operation system fingerprint recognition technology of the management information bank MIB of relevant snmp protocol family self, after the information of the routing iinformation that obtains whole subnet and whole network element device types, the format analysis processing of analyzing and unitizing obtains the topology information of local subnet.
(33) after message package module is encapsulated as the PNTD-UP type as requested with the subnet topology information that obtains, be additional in the IP packet, again this IP packet sent to destination address MIP.
Step 4, management devices monitoring network packet carries out Macro or mass analysis to the packet of visiting device of smelling that receives, and draws the network in general topological diagram according to related data and is also shown.
Introduce the following concrete operations content that this step 4 comprises again:
(41) the subnet topology information acquisition module (referring to shown in Figure 5) in the management devices utilizes sniff technology detection network data flow, and the IP packet that receives is analyzed.Check the packet that whether comprises the PNTD agreement,, then directly abandon this IP packet, do not do any processing if do not have; If have, then analyze relevant field and obtain parameter, carry out the subsequent operation of passive topology discovery function;
(42) subnet topology information acquisition module is carried out following operation to detected PNTD-UP packet:
Set up two tables of data: NetInfo and TopologyInfo, the former is used for preserving the all-ones subnet information that network to be found comprises IP address and mask, and the latter is used to preserve the subnet that comprises Topology Discovery time, topology information place and the all-ones subnet topology information of topological details TInfo thereof;
Extract transmitting time SendTime and subnet topology details TInfo in the PNTD-UP packet, the analyzing IP data packet head obtains source IP subnet address SIP and subnet mask SMASK simultaneously;
Check whether there is the respective record that relates to SIP in the NetInfo tables of data,, then this SIP and SMASK information are deposited among the NetInfo, deposit TInfo, SIP and the record of SendTime composition that obtains in TopologyInfo then if do not have.
(43) topology information Macro or mass analysis module reads each subnet topology information from two tables of data, be recorded as reference with the subnet in the NetInfo tables of data again, in the TopologyInfo tables of data, search the various topology informations of this nearest subnet of transmitting time, after carrying out aggregation process, notify the user that new topology information is arranged with page display way;
(44) network topology is drawn the topology information that gathers with the display module analysis, draws network topological diagram, for demonstration; This module can also notify the user whether new topology information is arranged with display mode, so that the manual select time of user is checked the network topological diagram of this time period, is defaulted as current up-to-date topological diagram.
The present invention has carried out repeatedly implementing test, and referring to Fig. 6, the use and the discovery procedure of discovering device of the present invention explained in introduction with the passive Topology Discovery process of the network W of specific embodiment.
In the Organization Chart of this embodiment network W, there are 11 subnets, wherein 5 belong to local subnet, and other 6 subnets are used for communicating between the routing device, and 5 local subnets are connected, and make All hosts mutual communication in this network.
The operating procedure of the discover method of the concrete enforcement of Topology Discovery equipment of the present invention is as follows:
1, check earlier all network element devices among the network W, guarantee that this waits to find all network element devices among the network W all in normal operation, their network interface card all is set to promiscuous mode, and all supports common agreements such as SNMP, ICMP, ARP.
2, respectively at the main frame H1 that directly is connected with switch S1, S2, S3, S4 and S5, H2, H3, H4 and H5 go up and passive Topology Discovery is installed is smelt and visit device (referring to shown in Figure 6), start these then and smell the spy device, make it all be in running status.
3, passive Topology Discovery management devices is installed on main frame M, and is started this management devices, carry out the initialization setting of relevant parameter, click determine after, start each and smell and visit device and carry out the operation of Topology Discovery process by sending IP packet mode.
4, main frame H1, H2, H3, smelling on H4 and the H5 visited device and begun the Topology Discovery process, after the topology information of the local subnet collected is handled, sends to management devices place main frame M.
5, the management devices among the main frame M collect to arrive, and each smells the topology information of visiting device, carries out notifying the user to have new topological message to arrive after the topology information Macro or mass analysis handles.The user can check current latest network topological diagram according to autonomous selection of notice, or checks web-based history topological diagram sometime.
The passive Topology Discovery equipment of the present invention is after concrete enforcement, obtained waiting to find the up-to-date topological diagram of network W, should scheme again to compare with existing network topological diagram, both are just the same, proved that it is correct the present invention is based on passive discovering device of network topology and the discover method thereof of smelling spy and fingerprint technique, has realized goal of the invention.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope of protection of the invention.
Claims (9)
1. visit and the passive discovering device of network topology of fingerprint technique based on smelling for one kind, it is characterized in that: this equipment comprises following two kinds of devices:
One or more spy devices of smelling, be installed on the main frame that directly connects this subnet host exchange in each subnet respectively, each is smelt, and the spy device is generated by the network data detection, the subnet topology information that are linked in sequence and three modules of PNTD-UP message encapsulation are formed, responsible packet in this subnet is collected the various Topology Discovery information that comprise all net element informations and routing iinformation in this subnet, sends to management devices then;
A management devices, comprise interconnective Topology Discovery management configuration module and PNTD-DOWN message package module, and the subnet topology information that is linked in sequence collection, topology information Macro or mass analysis, network topology drafting and three modules of demonstration, be arranged at any of waiting to find in the network range and not have to install the main frame of smelling the spy device, be responsible for each is smelt and visit device and Information Monitoring is managed concentratedly, and the topology information of each subnet of collecting carried out Macro or mass analysis, draw and show the whole network of network topological diagram of waiting to find.
2. equipment according to claim 1, it is characterized in that: described smelling visited employing passive Topology Discovery PNTD (Passive Network Topology Discovery) agreement realization interactive communication between device and the management devices, with transmission and the extraction that makes things convenient for topology information; And following two kinds of message formats are set, be encapsulated in the data of IP packet;
The PNTD-UP kind of message is to smell to visit device to the message that management devices sends, and is sequentially with following four fields:
Origin identification as this message start field, is defined as PNTD_UP_START, is used to indicate this type of message, long 2 bytes in position;
Transmitting time, record are smelt the time that device sends packet of visiting, long 2 bytes in position;
Subnet topological data information is used to fill in all topology informations of smelling the local subnet of visiting the device discovery, sets its word length by management devices;
Finish sign,, be defined as PNTD_UP_END, long 2 bytes in position as this end of message field;
The PNTD-DOWN kind of message is that management devices is visited the message that device sends to smelling, and is sequentially with following four fields:
Origin identification as this message start field, is defined as PNTD_DOWN_START, is used to indicate this type of message, long 2 bytes in position;
Transmitting time, the record management device sends the time of packet, long 2 bytes in position;
Topology Discovery start and stop state, value are 1 and 0 to represent the startup of the passive discovering device of this topology respectively and stop, the long 4bit in position;
Cell arrangement on off state, value be 1 and 0 respectively expression smell the startup of visiting device and stop, the long 4bit in position;
Frequency acquisition, expression are smelt and are visited device and carry out the time that each topology information is gathered, and the topology information that is about to collect sends to time interval of management devices, long 1 byte in position by the PNTD-UP kind of message;
Finish sign, the trailer field as this protocol data bag is defined as PNTD_DOWN_END, long 2 bytes in position.
3. passive discovering device according to claim 1 is characterized in that, the function of smelling three modules visiting device in the described passive Topology Discovery equipment is:
The network data detection module, adopt the data flow in the sniff technology detection network and carry out two kinds of operations:
The data flow that receives is detected the IP packets fields, check whether comprise PNTD-DOWN message, if having, the source address that then writes down this packet is a management devices place network element address, as the destination address that sends PNTD-UP information later on; Simultaneously extract comprising Topology Discovery start-stop state, smell the configuration parameter of visiting device running status and Topology Discovery frequency, so that according to the detected parameters of corresponding this equipment of change of these configuration parameters according to formal definition; If no, then do not carry out any operation;
When detecting passive Topology Discovery state for startup, with regard to the packet in the monitoring network, and the data that comprise Simple Network Management Protocol SNMP, Internet Control Message Protocol ICMP and ARP are analyzed, the topology that adopts existing discovering network topology technology and operation system fingerprint technology to obtain all network elements in this subnet is connected the information of situation, device type and model thereof, then these information is passed to subnet topology information generation module; If detect passive Topology Discovery state when stopping, just stopping the detection of packet and current Topology Discovery operation;
Subnet topology information generation module is used to receive and handle the data from the network data detection module, after wherein information is encapsulated as unified topology information form, is transmitted to the PNTD-UP message package module;
The PNTD-UP message package module after being responsible for the topology information from subnet topology information generation module encapsulated according to PNTD-UP kind of message form, is attached in the IP packet, sends to passive Topology Discovery management devices.
4. passive discovering device according to claim 1 is characterized in that, the function of five modules of the management devices in the described passive Topology Discovery equipment is:
The Topology Discovery management configuration module, be used to realize the various parameter configuration that comprise Topology Discovery state, topological frequency acquisition, IP address and topological data length of whole passive Topology Discovery process, wherein, stop and the start-up operation of Topology Discovery state are execution manually, the configuration of topology frequency acquisition is the temporal frequency that Topology Discovery is set, and duration and interval thereof that each topology is gathered promptly are set; The IP address configuration is each to be set smell the IP address of visiting device place network element, and these addresses send the purpose IP address of PNTD-DOWN kind of message as management devices; The configuration of topological data length is the topology information field length that each PNTD-UP packet is set;
The PNTD-DOWN message package module is used for the configuration information of Topology Discovery management configuration module is packaged into the PNTD-DOWN format messages, is attached in the IP packet, sends to destination address;
Subnet topology information acquisition module, the employing sniff technology receives the data flow on the automatic network, in the data field of IP packet, extract the data of PNTD agreement, define according to the PNTD-UP message format again, after extracting the topology information of subnet, it is passed to topology information Macro or mass analysis module make subsequent treatment;
Topology information Macro or mass analysis module receives the topology information from subnet topology information acquisition module, and the topology information of each subnet is carried out Macro or mass analysis, notifies the user that new topology information is arranged with page mode simultaneously;
Network topology is drawn and display module, is responsible for waiting to find the network in general topological data based on what come from topology information Macro or mass analysis module, and the overall topological diagram of drawing network is also shown; This module realizes part, and the user is select time manually, selects to check the network topology situation of this time period, is defaulted as current up-to-date topological diagram.
5. passive discovering device according to claim 1, it is characterized in that: described equipment is installed waits to find that all network elements in the network should all be in normal operating condition, and the network interface card of each network element all is set to promiscuous mode, and support the communication protocol of SNMP, ICMP, ARP, so that can successfully find all devices in the network, obtain complete topological diagram, guaranteeing not can be because of individual device because of having to open or the errors and omissions of the topological diagram that other human factors cause.
6. method of work that adopts the passive discovering device of the described network topology of claim 1, it is characterized in that: described method comprises following operating procedure:
(1) carries out the initialization setting to smelling spy device and management devices respectively: will smell start and stop parameter and the topology discovery function start and stop parameter of visiting device and all be set to start, by management devices Topology Discovery frequency and topology information data length are set, input is installed each and is smelt the network element IP address of visiting device;
(2) start management devices and send the IP packet that comprises the PNTD-DOWN kind of message, restart each and smell the operation of spy device execution Topology Discovery;
(3) each is smelt and visits device detection network packet, the corresponding operating of beginning subnet Topology Discovery: collect the local subnet topology information, send to management devices then;
(4) management devices monitoring network packet carries out Macro or mass analysis to the data that receive and handles, and generates and draws the network in general topological diagram and also shown.
7. method according to claim 6, it is characterized in that: described method also comprises following beamhouse operation: earlier a plurality of smelling visited the device distributed main frame of waiting to find directly to connect in the network each sub-host exchange that is installed on, and this host exchange is set to promiscuous mode with the port that this main frame is connected; Management devices being installed on any of waiting to find in the network range does not have to install and smells main frame or the server of visiting device again, and the network interface card that each network element of passive Topology Discovery equipment is installed simultaneously is set to promiscuous mode.
8. method according to claim 6 is characterized in that: described step (3) further comprises following content of operation:
(31) smell the network data of visiting in the device and smell and visit module and detect network data flow, the IP packet that receives is analyzed, check the packet that whether comprises the PNTD agreement,, then directly abandon this IP packet, do not do any processing if do not have; If have, then carry out the subsequent operation of passive topology discovery function;
(32) detected PNTD-DOWN packet is write down the source IP address of this IP packet, be management devices place network element IP address MIP, begin the local subnet Topology Discovery simultaneously: obtain all SNMP, ICMP in the network, ARP categorical data by sniff technology, again in conjunction with resource and the operation system fingerprint recognition technology of the management information bank MIB of relevant snmp protocol family self, after the information of the routing iinformation that obtains whole subnet and whole network element device types, the format analysis processing of analyzing and unitizing obtains the topology information of local subnet;
(33) after message package module is encapsulated as the PNTD-UP type as requested with the subnet topology information that obtains, be additional in the IP packet, again this IP packet sent to destination address MIP.
9. method according to claim 6 is characterized in that: described step (4) further comprises following content of operation:
(41) the subnet topology information acquisition module in the management devices utilizes sniff technology detection network data flow, and the IP packet that receives is analyzed.Check the packet that whether comprises the PNTD agreement,, then directly abandon this IP packet, do not do any processing if do not have; If have, then carry out the subsequent operation of passive topology discovery function;
(42) management devices is carried out following operation to detected PNTD-UP packet:
Set up two tables of data: NetInfo and TopologyInfo, the former is used for preserving the all-ones subnet information that network to be found comprises IP address and mask, and the latter is used to preserve the subnet that comprises Topology Discovery time, topology information place and the all-ones subnet topology information of topological details TInfo thereof;
Extract transmitting time SendTime and subnet topology details TInfo in the PNTD-UP packet, the analyzing IP data packet head obtains source IP subnet address SIP and subnet mask SMASK simultaneously;
Check whether there is the respective record that relates to SIP in the NetInfo tables of data,, then this SIP and SMASK information are deposited among the NetInfo, deposit TInfo, SIP and the record of SendTime composition that obtains in TopologyInfo then if do not have;
(43) topology information Macro or mass analysis module reads each subnet topology information from two tables of data, be recorded as reference with the subnet in the NetInfo tables of data again, in the TopologyInfo tables of data, search the various topology informations of this nearest subnet of transmitting time, after carrying out aggregation process, notify the user that new topology information is arranged with page display way;
(44) network topology is drawn the topology information that gathers with the display module analysis, draws network topological diagram, for demonstration; This module can also notify the user whether new topology information is arranged with display mode, so that the manual select time of user is checked the network topological diagram of this time period, is defaulted as current up-to-date topological diagram.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201110005747 CN102082690B (en) | 2011-01-10 | 2011-01-10 | Passive finding equipment and method of network topology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 201110005747 CN102082690B (en) | 2011-01-10 | 2011-01-10 | Passive finding equipment and method of network topology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102082690A true CN102082690A (en) | 2011-06-01 |
| CN102082690B CN102082690B (en) | 2013-04-03 |
Family
ID=44088447
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 201110005747 Expired - Fee Related CN102082690B (en) | 2011-01-10 | 2011-01-10 | Passive finding equipment and method of network topology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102082690B (en) |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102439905A (en) * | 2011-09-30 | 2012-05-02 | 华为技术有限公司 | Method, device and system of finding network topology automatically |
| WO2013114239A1 (en) * | 2012-02-02 | 2013-08-08 | International Business Machines Corporation | Switch discovery protocol for a distributed fabric system |
| WO2013114238A1 (en) * | 2012-02-02 | 2013-08-08 | International Business Machines Corporation | Distributed fabric management protocol |
| CN104320298A (en) * | 2014-10-27 | 2015-01-28 | 深圳市磊科实业有限公司 | Visual video device control method applied onto exchangers |
| US8964601B2 (en) | 2011-10-07 | 2015-02-24 | International Business Machines Corporation | Network switching domains with a virtualized control plane |
| CN104506339A (en) * | 2014-11-21 | 2015-04-08 | 河南中烟工业有限责任公司 | Industrial Ethernet network topology management implementation method based on PROFINET |
| US9054989B2 (en) | 2012-03-07 | 2015-06-09 | International Business Machines Corporation | Management of a distributed fabric system |
| US9059911B2 (en) | 2012-03-07 | 2015-06-16 | International Business Machines Corporation | Diagnostics in a distributed fabric system |
| EP2924930A2 (en) | 2014-03-25 | 2015-09-30 | Telefonaktiebolaget L M Ericsson (PUBL) | Path discovery in data transport networks based on statistical inference |
| CN105611226A (en) * | 2015-10-30 | 2016-05-25 | 浙江宇视科技有限公司 | Packet loss positioning method and device in video monitoring network |
| WO2016206386A1 (en) * | 2015-06-26 | 2016-12-29 | 中兴通讯股份有限公司 | Fault correlation method and apparatus |
| CN106549825A (en) * | 2016-10-13 | 2017-03-29 | 重庆金美通信有限责任公司 | A kind of method of communication network route forward table correctness test, system and equipment |
| CN106561019A (en) * | 2015-10-02 | 2017-04-12 | 安讯士有限公司 | Network Status Measuring System And Method For Measuring Status Of Network |
| CN109218064A (en) * | 2017-07-07 | 2019-01-15 | 普天信息技术有限公司 | network management system and management method |
| CN109218080A (en) * | 2018-08-21 | 2019-01-15 | 平安科技(深圳)有限公司 | A kind of method, monitoring system and the terminal device of automatic drafting network topology architecture |
| CN109495178A (en) * | 2017-09-13 | 2019-03-19 | 凌云天博光电科技股份有限公司 | A kind of construction method and device of FTTx network topology link |
| CN109587207A (en) * | 2017-09-29 | 2019-04-05 | 慧与发展有限责任合伙企业 | System and method for finding the network equipment automatically |
| CN110808865A (en) * | 2019-11-13 | 2020-02-18 | 北京理工大学 | Passive industrial control network topology discovery method and industrial control network security management system |
| CN111600719A (en) * | 2020-05-18 | 2020-08-28 | 计雄昆 | Electronic data verifiable trusted system and display platform based on three-party authentication |
| CN111614518A (en) * | 2020-05-20 | 2020-09-01 | 中国电子科技集团公司第五十四研究所 | Automatic safety testing method based on OSPF protocol |
| CN113037558A (en) * | 2021-03-16 | 2021-06-25 | 重庆邮电大学 | Broadband micropower wireless communication network analysis method and system |
| CN114143206A (en) * | 2021-12-02 | 2022-03-04 | 广东电网有限责任公司 | Power line communication network topology control method and device |
| CN114338183A (en) * | 2021-12-30 | 2022-04-12 | 深圳铸泰科技有限公司 | Method, system, terminal and storage medium for rapidly discovering and identifying assets |
| CN114584470A (en) * | 2022-03-10 | 2022-06-03 | 北京自如信息科技有限公司 | Network equipment topological graph generation method and device and electronic equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006050521A2 (en) * | 2004-11-03 | 2006-05-11 | Motion Picture Association Of America | Digital rights management using network topology testing |
| CN101056200A (en) * | 2007-04-30 | 2007-10-17 | 国电南京自动化股份有限公司 | Visual and on-demand dynamic data transfer method of the power system |
-
2011
- 2011-01-10 CN CN 201110005747 patent/CN102082690B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006050521A2 (en) * | 2004-11-03 | 2006-05-11 | Motion Picture Association Of America | Digital rights management using network topology testing |
| CN101056200A (en) * | 2007-04-30 | 2007-10-17 | 国电南京自动化股份有限公司 | Visual and on-demand dynamic data transfer method of the power system |
Non-Patent Citations (3)
| Title |
|---|
| GUOAI XU ETAL.: "A method for Topology Conformance Tests under Logical Constraints", 《WIRELESS COMMUNICATION,NETWORKING AND INFORMATION SECURITY》 * |
| YU YANG ETAL.: "SNMP:A Multi-sniffer and Multi-view Visualization Platform for Wireless Sensor Networks", 《INDUSTRIAL ELECTRONICS AND APPLICATIONS,2006 1ST IEEE》 * |
| 刘炎 等: "被动网络信息收集与分析技术研究", 《计算机应用研究》 * |
Cited By (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102439905B (en) * | 2011-09-30 | 2014-02-19 | 华为技术有限公司 | Method, device and system of finding network topology automatically |
| CN102439905A (en) * | 2011-09-30 | 2012-05-02 | 华为技术有限公司 | Method, device and system of finding network topology automatically |
| US8964601B2 (en) | 2011-10-07 | 2015-02-24 | International Business Machines Corporation | Network switching domains with a virtualized control plane |
| US9071508B2 (en) | 2012-02-02 | 2015-06-30 | International Business Machines Corporation | Distributed fabric management protocol |
| WO2013114239A1 (en) * | 2012-02-02 | 2013-08-08 | International Business Machines Corporation | Switch discovery protocol for a distributed fabric system |
| CN104094556A (en) * | 2012-02-02 | 2014-10-08 | 国际商业机器公司 | Switch discovery protocol for a distributed fabric system |
| GB2512546B (en) * | 2012-02-02 | 2014-11-19 | Ibm | Distributed fabric management protocol |
| CN104094556B (en) * | 2012-02-02 | 2017-07-11 | 国际商业机器公司 | Interchanger for distributed group construction system finds agreement |
| WO2013114238A1 (en) * | 2012-02-02 | 2013-08-08 | International Business Machines Corporation | Distributed fabric management protocol |
| GB2512546A (en) * | 2012-02-02 | 2014-10-01 | Ibm | Distributed fabric management protocol |
| US9088477B2 (en) | 2012-02-02 | 2015-07-21 | International Business Machines Corporation | Distributed fabric management protocol |
| US9077624B2 (en) | 2012-03-07 | 2015-07-07 | International Business Machines Corporation | Diagnostics in a distributed fabric system |
| US9059911B2 (en) | 2012-03-07 | 2015-06-16 | International Business Machines Corporation | Diagnostics in a distributed fabric system |
| US9077651B2 (en) | 2012-03-07 | 2015-07-07 | International Business Machines Corporation | Management of a distributed fabric system |
| US9054989B2 (en) | 2012-03-07 | 2015-06-09 | International Business Machines Corporation | Management of a distributed fabric system |
| EP2924930A2 (en) | 2014-03-25 | 2015-09-30 | Telefonaktiebolaget L M Ericsson (PUBL) | Path discovery in data transport networks based on statistical inference |
| US9331951B2 (en) | 2014-03-25 | 2016-05-03 | Telefonaktiebolaget L M Ericsson (Publ) | Path discovery in data transport networks based on statistical inference |
| CN104320298B (en) * | 2014-10-27 | 2017-07-28 | 深圳市磊科实业有限公司 | A kind of method of visualization control video equipment applied on interchanger |
| CN104320298A (en) * | 2014-10-27 | 2015-01-28 | 深圳市磊科实业有限公司 | Visual video device control method applied onto exchangers |
| CN104506339A (en) * | 2014-11-21 | 2015-04-08 | 河南中烟工业有限责任公司 | Industrial Ethernet network topology management implementation method based on PROFINET |
| WO2016206386A1 (en) * | 2015-06-26 | 2016-12-29 | 中兴通讯股份有限公司 | Fault correlation method and apparatus |
| CN106561019A (en) * | 2015-10-02 | 2017-04-12 | 安讯士有限公司 | Network Status Measuring System And Method For Measuring Status Of Network |
| CN105611226A (en) * | 2015-10-30 | 2016-05-25 | 浙江宇视科技有限公司 | Packet loss positioning method and device in video monitoring network |
| CN105611226B (en) * | 2015-10-30 | 2018-07-13 | 浙江宇视科技有限公司 | Packet loss position method and device in a kind of video surveillance network |
| CN106549825A (en) * | 2016-10-13 | 2017-03-29 | 重庆金美通信有限责任公司 | A kind of method of communication network route forward table correctness test, system and equipment |
| CN109218064A (en) * | 2017-07-07 | 2019-01-15 | 普天信息技术有限公司 | network management system and management method |
| CN109495178B (en) * | 2017-09-13 | 2021-08-31 | 凌云天博光电科技股份有限公司 | Method and device for constructing FTTx network topology link |
| CN109495178A (en) * | 2017-09-13 | 2019-03-19 | 凌云天博光电科技股份有限公司 | A kind of construction method and device of FTTx network topology link |
| CN109587207A (en) * | 2017-09-29 | 2019-04-05 | 慧与发展有限责任合伙企业 | System and method for finding the network equipment automatically |
| CN109587207B (en) * | 2017-09-29 | 2021-09-14 | 慧与发展有限责任合伙企业 | System and method for automatically discovering network devices |
| CN109218080A (en) * | 2018-08-21 | 2019-01-15 | 平安科技(深圳)有限公司 | A kind of method, monitoring system and the terminal device of automatic drafting network topology architecture |
| CN110808865A (en) * | 2019-11-13 | 2020-02-18 | 北京理工大学 | Passive industrial control network topology discovery method and industrial control network security management system |
| CN110808865B (en) * | 2019-11-13 | 2021-04-02 | 北京理工大学 | Passive industrial control network topology discovery method and industrial control network security management system |
| CN111600719A (en) * | 2020-05-18 | 2020-08-28 | 计雄昆 | Electronic data verifiable trusted system and display platform based on three-party authentication |
| CN111614518A (en) * | 2020-05-20 | 2020-09-01 | 中国电子科技集团公司第五十四研究所 | Automatic safety testing method based on OSPF protocol |
| CN113037558A (en) * | 2021-03-16 | 2021-06-25 | 重庆邮电大学 | Broadband micropower wireless communication network analysis method and system |
| CN114143206A (en) * | 2021-12-02 | 2022-03-04 | 广东电网有限责任公司 | Power line communication network topology control method and device |
| CN114143206B (en) * | 2021-12-02 | 2023-09-19 | 广东电网有限责任公司 | Power line communication network topology control method and device |
| CN114338183A (en) * | 2021-12-30 | 2022-04-12 | 深圳铸泰科技有限公司 | Method, system, terminal and storage medium for rapidly discovering and identifying assets |
| CN114584470A (en) * | 2022-03-10 | 2022-06-03 | 北京自如信息科技有限公司 | Network equipment topological graph generation method and device and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102082690B (en) | 2013-04-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102082690B (en) | Passive finding equipment and method of network topology | |
| CN110113345B (en) | Automatic asset discovery method based on flow of Internet of things | |
| CN104365058B (en) | For the system and method in multinuclear and group system high speed caching SNMP data | |
| CN104380693B (en) | System and method for dynamic routing in the cluster | |
| US9407450B2 (en) | Method and apparatus for providing tenant information for network flows | |
| CN104380660B (en) | System and method for carrying out trap monitoring in multinuclear and group system | |
| CN104620539B (en) | System and method for supporting SNMP requests by cluster | |
| CN102316001B (en) | Virtual network connection configuration realizing method and network equipment | |
| CN102821009B (en) | Method for monitoring ring network on basis of link layer discovery protocol and device | |
| US9621431B1 (en) | Classification techniques to identify network entity types and determine network topologies | |
| CN107771320A (en) | For improving security socket layer(SSL)The system and method for communications security | |
| CN107241186A (en) | Application signature is generated and distributed | |
| US11777965B2 (en) | Pattern match-based detection in IoT security | |
| CN107683597A (en) | Network behavior data collection and analysis for abnormality detection | |
| CN107409089A (en) | Business function login mechanism and ability authorized index | |
| CN107005439A (en) | The passive performance measurement linked for online service | |
| CN107154940A (en) | A kind of Internet of Things vulnerability scanning system and scan method | |
| EP2842285A1 (en) | Migration of a security policy of a virtual machine | |
| CN109995582A (en) | Asset equipment management system and method based on real-time status | |
| CN104579978B (en) | A kind of dynamic network Datalink Layer Topology Discovery method | |
| CN100493065C (en) | Method for using immediate information software by data detection network address switching equipment | |
| Kuliesius et al. | SDN enhanced campus network authentication and access control system | |
| CN113630301B (en) | Data transmission method, device and equipment based on intelligent decision and storage medium | |
| CN109088756A (en) | A kind of network topology complementing method based on network equipment identification | |
| CN117061394A (en) | eBPF-based container network TCP connection time delay monitoring method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130403 Termination date: 20140110 |